summaryrefslogtreecommitdiff
path: root/lib/libssl
diff options
context:
space:
mode:
authorBob Beck <beck@cvs.openbsd.org>2019-01-24 00:07:59 +0000
committerBob Beck <beck@cvs.openbsd.org>2019-01-24 00:07:59 +0000
commit66f6ef806362b0bbd9f86657657c5218bc6a1d0e (patch)
treeeeb0eb5bb9d18b506910b43963da145ef6408842 /lib/libssl
parentf07d8f25946e9e591905a159bb8052776d040d3f (diff)
Remove SHA224 based sigalgs from use in TLS 1.2 as SHA224 is deprecated.
Remove GOST based sigalgs from TLS 1.2 since they don't work with TLS 1.2. ok jsing@
Diffstat (limited to 'lib/libssl')
-rw-r--r--lib/libssl/ssl_sigalgs.c7
1 files changed, 1 insertions, 6 deletions
diff --git a/lib/libssl/ssl_sigalgs.c b/lib/libssl/ssl_sigalgs.c
index 76cb441b075..fdea93e1b05 100644
--- a/lib/libssl/ssl_sigalgs.c
+++ b/lib/libssl/ssl_sigalgs.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sigalgs.c,v 1.15 2019/01/23 23:47:13 beck Exp $ */
+/* $OpenBSD: ssl_sigalgs.c,v 1.16 2019/01/24 00:07:58 beck Exp $ */
/*
* Copyright (c) 2018-2019 Bob Beck <beck@openbsd.org>
*
@@ -182,17 +182,12 @@ uint16_t tls12_sigalgs[] = {
SIGALG_RSA_PSS_RSAE_SHA512,
SIGALG_RSA_PKCS1_SHA512,
SIGALG_ECDSA_SECP521R1_SHA512,
- SIGALG_GOSTR12_512_STREEBOG_512,
SIGALG_RSA_PSS_RSAE_SHA384,
SIGALG_RSA_PKCS1_SHA384,
SIGALG_ECDSA_SECP384R1_SHA384,
SIGALG_RSA_PSS_RSAE_SHA256,
SIGALG_RSA_PKCS1_SHA256,
SIGALG_ECDSA_SECP256R1_SHA256,
- SIGALG_GOSTR12_256_STREEBOG_256,
- SIGALG_GOSTR01_GOST94,
- SIGALG_RSA_PKCS1_SHA224,
- SIGALG_ECDSA_SECP224R1_SHA224,
SIGALG_RSA_PKCS1_SHA1, /* XXX */
SIGALG_ECDSA_SHA1, /* XXX */
};